Threat intelligence sharing

Anomali provides secure threat sharing for ISACs and threat sharing networks.

A secure platform for trusted collaboration

Anomali ThreatStream is the leading global threat sharing platform for ISACs, ISAOs, industry groups, holding companies, and other threat intel sharing communities seeking to power secure collaboration.

Benefits for Anomali threat intel sharing community partners include:

  • A branded threat sharing community portal
  • A dedicated “Trusted Circle” on the Anomali platform
  • Admin access to help screen and manage memberships
  • A STIX/TAXII server for programmatic access
  • Anomali licenses for community members
  • Community training, education, and support
Power Your Community
Threat Intelligence Communities

Build your ISAC

Setting up your threat sharing community is simple and secure with Anomali.

Get Started

Anomali sharing community partners

Anomali powers the threat intelligence sharing of many of the world’s leading Information Sharing and Analysis Centers, Organizations, and other threat intel sharing communities.

Intelligence sharing communities are recognized as one of the best defenses against cyber threats and attacks. And organizations are no longer alone in this hostile environment – members are ‘trust-sourcing’ threat indicators for analysts to research, scrub and anonymize, yielding actionable intelligence for dissemination in real and near-real time. Energy Analytic Security Exchange (EASE) provides intelligence and information sharing services to utilities companies and organizations related to the electric grid.

The Energy Sector Security Consortium, Inc. (EnergySec) is a United States 501(c)(3) non-profit corporation formed to support energy sector organizations with the security of their critical technology infrastructures. Through our membership program, we support collaborative initiatives and projects that help enhance the cybersecurity resiliency of these organizations. Today, our community includes more than 5000 individuals representing more than 500 organizations. The development of the EnergySec information sharing efforts and workforce development remain a key focus areas of EnergySec as it continues to develop programs and other efforts to meet the needs of the energy sector into the future.

Global Resilience Federation supports and connects intelligence sharing communities. GRF is a not-for-profit intelligence provider and hub for cyber and physical threat sharing between ISACs, ISAOs and CERTs from many different sectors and regions around the world. Many industries have their own threat sharing organization, but threat actors no longer target sectors one at a time. Malicious campaigns often infiltrate many industries at once, or use one to backdoor into another. GRF creates new sharing communities, and connects existing industries to broaden their security footprint and provide for the common defense.

H-ISAC is a trusted community of critical infrastructure owners and operators within the Health Care and Public Health sector (HPH). The community is primarily focused on sharing timely, actionable and relevant information with each other including intelligence on threats, incidents and vulnerabilities that can include data such as indicators of compromise, tactics, techniques and procedures (TTPs) of threat actors, advice and best practices, mitigation strategies and other valuable material. Sharing can occur via machine to machine or human to human. H-ISAC also fosters the building of relationships and networking through a number of educational events in order to facilitate trust. Working groups and committees focus on topics and activities of importance to the sector and services such as CYBERFIT® offer enhanced services to leverage the H-ISAC community for the benefit of all.

The Investment Association (IA) of the UK is helping its members in the fight against cybercrime with IA-TITAN, a threat intelligence sharing community powered by Anomali that enables members to centralize a range of data and intelligence on UK-relevant cyber hazards and risks from their asset management industry peers, law enforcement, and government agencies.

Legal Services Information Sharing and Analysis Organization (LS-ISAO) is a member-driven community that shares threat and vulnerability information among member firms for their mutual defense. To prevent and respond to cybersecurity incidents, it also partners with leading sources of threat intelligence including other sharing communities, governments, and private security vendors. In daily practice, firms work together with in-house ISAO analysts to enrich and share actionable security information to secure firm systems, IP and client data. LS-ISAO and its partners exchange an average of 4,500 reports per year, on topics ranging from phishing campaigns and ransomware threats, to BEC attacks and APT activity. Its automated sharing platforms have access to million of Indicators of Compromise that are parsed into tens-of-thousands of industry-specific threat indicators every month.

The Multi-State Information Sharing and Analysis Center® (MS-ISAC®) is the U.S. Department of Homeland Security’s (DHS) recognized resource for collaborative cyber information sharing and analysis among U.S, State, Local, Tribal, and Territorial (SLTT) government entities. CIS® is home to the MS-ISAC. The MS-ISAC is a voluntary and collaborative effort based on a strong partnership between CIS and the Office of Cybersecurity and Communications within DHS. The MS-ISAC has been designated by DHS as the key resource for cyber threat prevention, protection, response and recovery for the nation’s SLTTs. Through its state of-the-art 24x7 Security Operations Center, the MS-ISAC serves as a central resource for SLTT cybersecurity situational awareness and incident response.

The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and McAfee with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

SANS Institute is the most recognized and trusted resource for cybersecurity training, and certification. SANS Affiliate Program is a comprehensive partnership with SANS, focused on educating and enlightening the SANS community on their latest services and techniques.

UBF-ISAC aims to enhance the understanding of threat intelligence, showcase the value of collaboration, and provide ongoing training. The ISAC is powered by the Anomali ThreatStream platform, which helps to order and interpret the ever-growing amount of threat data available to organizations from internal and third-party sources. Founding members include HSBC, CBD, ADCB, Barclays, CBI, Citibank, ENBD, FAB, Mashreq, Noorbank, SCB, ADIB, and NBF. Professional body UBF and the ISAC is set to grow in a phased approach to encompass all UBF’s member banks.